Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/443C3AF2D3F611EFB03C5C14C4F9AE02.roa
File: 443C3AF2D3F611EFB03C5C14C4F9AE02.roa (raw, json)
Hash identifier: jysPx7EDUYk/D9tf6ZfKYDMS6fp3Dr/SUMzejCX5Byw=
Subject key identifier: EA:B4:62:92:48:4D:20:CE:E9:E0:DD:FD:4D:1F:C9:CC:78:20:01:E1
Certificate issuer: /CN=A9119333/serialNumber=699E6742567BE7329CC3A786DEB7857E2C2420F9
Certificate serial: 2369
Authority key identifier: 69:9E:67:42:56:7B:E7:32:9C:C3:A7:86:DE:B7:85:7E:2C:24:20:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ5nQlZ75zKcw6eG3reFfiwkIPk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/443C3AF2D3F611EFB03C5C14C4F9AE02.roa
Signing time: Fri 10 Apr 2026 16:19:02 +0000
ROA not before: Fri 10 Apr 2026 16:19:02 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 45650
IP address blocks: 43.245.84.0/22 maxlen: 24
45.64.114.0/24 maxlen: 24
45.64.115.0/24 maxlen: 24
103.10.28.0/22 maxlen: 24
103.41.172.0/22 maxlen: 24
103.129.132.0/22 maxlen: 24
110.44.112.0/20 maxlen: 24
150.107.106.0/23 maxlen: 24
2404:7c00::/48 maxlen: 48
2404:7c00:1::/48 maxlen: 48
2404:7c00:40::/44 maxlen: 44
2404:7c00:40::/48 maxlen: 48
2404:7c00:41::/48 maxlen: 48
2404:7c00:42::/48 maxlen: 48
2404:7c00:43::/48 maxlen: 48
2404:7c00:44::/48 maxlen: 48
2404:7c00:46::/48 maxlen: 48
2404:7c00:47::/48 maxlen: 48
2404:7c00:48::/48 maxlen: 48
2404:7c00:49::/48 maxlen: 48
2404:7c00:4a::/48 maxlen: 48
2404:7c00:4b::/48 maxlen: 48
2404:7c00:4d::/48 maxlen: 48
2404:7c00:4e::/48 maxlen: 48
2404:7c00:4f::/48 maxlen: 48
2404:7c00:50::/44 maxlen: 44
2404:7c00:51::/48 maxlen: 48
2404:7c00:52::/48 maxlen: 48
2404:7c00:53::/48 maxlen: 48
2404:7c00:60::/44 maxlen: 44
2404:7c00:61::/48 maxlen: 48
2404:7c00:62::/48 maxlen: 48
2404:7c00:63::/48 maxlen: 48
2404:7c00:64::/48 maxlen: 48
2404:7c00:65::/48 maxlen: 48
2404:7c00:70::/44 maxlen: 44
2404:7c00:80::/44 maxlen: 44
2404:7c00:81::/48 maxlen: 48
2404:7c00:100::/40 maxlen: 48
2404:7c00:7c00::/44 maxlen: 44
2404:7c00:7c10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.crl
rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ5nQlZ75zKcw6eG3reFfiwkIPk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 15:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9065 (0x2369)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9119333, serialNumber=699E6742567BE7329CC3A786DEB7857E2C2420F9
Validity
Not Before: Apr 10 16:19:02 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69d922f6-9a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e4:92:c7:e0:9c:6d:68:88:52:3f:fb:34:ff:
b0:3d:0f:da:e3:bb:e5:ce:60:66:bf:72:d0:b6:5e:
e3:78:0f:1d:a9:18:a5:0d:22:1b:4f:22:81:a6:89:
71:11:61:23:e5:e2:40:52:4e:e0:b6:a1:5a:f0:60:
42:84:52:70:58:71:e4:9b:6f:c5:c9:b5:70:d7:f8:
f9:d8:b7:2e:7a:f8:90:f3:ba:89:ce:09:77:12:5f:
8d:23:02:38:92:3a:c0:73:b2:9f:b7:5f:5c:dc:58:
41:5c:05:ef:eb:d5:38:ed:87:83:2c:8a:d9:23:b4:
b6:5c:7a:92:4f:7c:de:d0:8f:80:56:9b:4c:93:25:
0e:66:9f:d4:0b:64:9f:9b:fe:27:71:10:03:d3:7e:
1c:87:3b:6c:6e:1a:c4:59:76:c2:26:4f:ce:9c:e7:
f6:dd:99:1e:25:f7:b6:cf:6e:23:b8:cd:2f:fa:87:
ca:26:2f:2d:b7:08:f0:cf:0a:8d:5f:ff:b0:97:6a:
81:07:60:9a:64:6e:13:42:3e:5e:65:1d:5b:ad:fe:
c1:81:52:c6:64:e8:34:33:9f:07:ab:f9:44:6c:cd:
51:c6:2d:e8:ae:72:f1:d3:33:da:2b:0b:88:d9:a9:
7c:7b:d9:bb:75:79:93:03:6e:b9:95:ed:1e:dc:7f:
e1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B4:62:92:48:4D:20:CE:E9:E0:DD:FD:4D:1F:C9:CC:78:20:01:E1
X509v3 Authority Key Identifier:
keyid:69:9E:67:42:56:7B:E7:32:9C:C3:A7:86:DE:B7:85:7E:2C:24:20:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ5nQlZ75zKcw6eG3reFfiwkIPk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/443C3AF2D3F611EFB03C5C14C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.245.84.0/22
45.64.114.0/23
103.10.28.0/22
103.41.172.0/22
103.129.132.0/22
110.44.112.0/20
150.107.106.0/23
IPv6:
2404:7c00::/47
2404:7c00:40::-2404:7c00:8f:ffff:ffff:ffff:ffff:ffff
2404:7c00:100::/40
2404:7c00:7c00::/43
Signature Algorithm: sha256WithRSAEncryption
26:fd:a7:cd:21:81:5a:ce:e4:ef:57:03:59:11:cc:cb:39:18:
b8:47:a0:bb:b4:14:73:79:db:43:ed:01:4c:c4:ee:84:d9:2c:
3a:43:51:98:03:23:35:0d:d5:dc:87:70:10:f9:25:92:2b:b9:
5d:d9:99:0e:3d:fa:a7:02:0f:0d:55:76:88:4f:98:42:c7:e0:
b8:ab:91:07:dd:79:49:2e:9d:45:9b:9a:2c:36:77:63:ba:6e:
cc:cb:e2:e7:cd:07:61:61:6d:58:95:bb:ab:e0:21:44:2e:e3:
7e:04:41:63:6f:9f:e3:8e:ae:9b:ff:26:a7:c3:f6:ed:f9:18:
6f:68:4c:53:13:c2:6e:2e:72:f2:df:0d:6e:21:26:cc:c2:2c:
43:ae:74:75:b4:1f:3b:8b:3a:b1:8f:8e:0d:43:8e:e1:2a:4d:
c5:00:ba:5f:23:c3:dc:d1:54:a5:bd:6e:af:46:bf:82:bf:75:
0a:50:42:af:89:33:ed:3d:ab:b5:0f:d5:15:cf:1c:bb:bc:e3:
ec:c9:2d:dd:ba:55:13:82:39:57:f3:dc:e8:7b:96:27:52:38:
a7:7d:a2:26:ba:3a:4e:be:49:62:8f:cd:80:c1:84:f9:0f:d6:
2f:61:1a:f3:51:e2:90:5f:64:a7:b4:fc:4d:3c:73:48:cc:96:
72:f9:78:03
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICI2kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTkzMzMxMTAvBgNVBAUTKDY5OUU2NzQyNTY3QkU3MzI5Q0MzQTc4NkRFQjc4NTdF
MkMyNDIwRjkwHhcNMjYwNDEwMTYxOTAyWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQ5MjJmNi05YTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtuSSx+CcbWiIUj/7NP+wPQ/a47vlzmBmv3LQtl7jeA8dqRilDSIbTyKBpolx
EWEj5eJAUk7gtqFa8GBChFJwWHHkm2/FybVw1/j52LcueviQ87qJzgl3El+NIwI4
kjrAc7Kft19c3FhBXAXv69U47YeDLIrZI7S2XHqST3ze0I+AVptMkyUOZp/UC2Sf
m/4ncRAD034chztsbhrEWXbCJk/OnOf23ZkeJfe2z24juM0v+ofKJi8ttwjwzwqN
X/+wl2qBB2CaZG4TQj5eZR1brf7BgVLGZOg0M58Hq/lEbM1Rxi3ornLx0zPaKwuI
2al8e9m7dXmTA265le0e3H/hbwIDAQABo4ICujCCArYwHQYDVR0OBBYEFOq0YpJI
TSDO6eDd/U0fycx4IAHhMB8GA1UdIwQYMBaAFGmeZ0JWe+cynMOnht63hX4sJCD5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTMzMy8wNjVEQTNCQUI4
NDQxMUU1QjUzNTdCMkZDNEY5QUUwMi9hWjVuUWxaNzV6S2N3NmVHM3JlRmZpd2tJ
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FaNW5RbFo3NXpLY3c2ZUczcmVGZml3a0lQay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTkzMzMvMDY1REEzQkFCODQ0MTFFNUI1MzU3QjJGQzRGOUFFMDIvNDQzQzNBRjJE
M0Y2MTFFRkIwM0M1QzE0QzRGOUFFMDIucm9hMHkGCCsGAQUFBwEHAQH/BGowaDAw
BAIAATAqAwQCK/VUAwQBLUByAwQCZwocAwQCZymsAwQCZ4GEAwQEbixwAwQBlmtq
MDQEAgACMC4DBwEkBHwAAAAwEgMHBiQEfAAAQAMHBCQEfAAAgAMGACQEfAABAwcF
JAR8AHwAMA0GCSqGSIb3DQEBCwUAA4IBAQAm/afNIYFazuTvVwNZEczLORi4R6C7
tBRzedtD7QFMxO6E2Sw6Q1GYAyM1DdXch3AQ+SWSK7ld2ZkOPfqnAg8NVXaIT5hC
x+C4q5EH3XlJLp1Fm5osNndjum7My+LnzQdhYW1Ylbur4CFELuN+BEFjb5/jjq6b
/yanw/bt+RhvaExTE8JuLnLy3w1uISbMwixDrnR1tB87izqxj44NQ47hKk3FALpf
I8Pc0VSlvW6vRr+Cv3UKUEKviTPtPau1D9UVzxy7vOPsyS3dulUTgjlX89zoe5Yn
UjinfaImujpOvklij82AwYT5D9YvYRrzUeKQX2SntPxNPHNIzJZy+XgD
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:37:47 2026 by rpki-client